/* mkgroup.c:
- Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
- 2007, 2008 Red Hat, Inc.
-
This file is part of Cygwin.
This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */
-#define _WIN32_WINNT 0x0600
+#define _WIN32_WINNT 0x0a00
+#include <errno.h>
#include <ctype.h>
#include <stdlib.h>
#include <wchar.h>
#include <wctype.h>
+#include <locale.h>
#include <stdio.h>
#include <unistd.h>
+#include <inttypes.h>
#include <getopt.h>
#include <io.h>
+#include <grp.h>
#include <sys/fcntl.h>
#include <sys/cygwin.h>
+#include <cygwin/version.h>
#include <windows.h>
#include <lm.h>
#include <wininet.h>
#include <iptypes.h>
#include <ntsecapi.h>
-#include <dsgetdc.h>
#include <ntdef.h>
#define print_win_error(x) _print_win_error(x, __LINE__)
-#define MAX_SID_LEN 40
-
-static const char version[] = "$Revision$";
-
-extern char *__progname;
-
SID_IDENTIFIER_AUTHORITY sid_world_auth = {SECURITY_WORLD_SID_AUTHORITY};
SID_IDENTIFIER_AUTHORITY sid_nt_auth = {SECURITY_NT_AUTHORITY};
-NET_API_STATUS WINAPI (*dsgetdcname)(LPWSTR,LPWSTR,GUID*,LPWSTR,ULONG,PDOMAIN_CONTROLLER_INFOW*);
-
#ifndef min
#define min(a,b) (((a)<(b))?(a):(b))
#endif
typedef struct
{
char *str;
- DWORD id_offset;
BOOL domain;
BOOL with_dom;
} domlist_t;
-void
+static void
_print_win_error (DWORD code, int line)
{
char buf[4096];
code,
MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPTSTR) buf, sizeof (buf), NULL))
- fprintf (stderr, "mkgroup (%d): [%lu] %s", line, code, buf);
+ fprintf (stderr, "mkgroup (%d): [%" PRIu32 "] %s",
+ line, (unsigned int) code, buf);
else
- fprintf (stderr, "mkgroup (%d): error %lu", line, code);
+ fprintf (stderr, "mkgroup (%d): error %" PRIu32 ,
+ line, (unsigned int) code);
}
-void
-load_dsgetdcname ()
-{
- HANDLE h = LoadLibrary ("netapi32.dll");
- if (h)
- dsgetdcname = (void *) GetProcAddress (h, "DsGetDcNameW");
-}
-
-static PWCHAR
-get_dcname (char *domain)
-{
- static WCHAR server[INTERNET_MAX_HOST_NAME_LENGTH + 1];
- DWORD rc;
- PWCHAR servername;
- WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
- PDOMAIN_CONTROLLER_INFOW pdci = NULL;
-
- if (dsgetdcname)
- {
- if (domain)
- {
- mbstowcs (domain_name, domain, strlen (domain) + 1);
- rc = dsgetdcname (NULL, domain_name, NULL, NULL, 0, &pdci);
- }
- else
- rc = dsgetdcname (NULL, NULL, NULL, NULL, 0, &pdci);
- if (rc != ERROR_SUCCESS)
- {
- print_win_error (rc);
- return (PWCHAR) -1;
- }
- wcscpy (server, pdci->DomainControllerName);
- NetApiBufferFree (pdci);
- }
- else
- {
- rc = NetGetDCName (NULL, NULL, (void *) &servername);
- if (rc == ERROR_SUCCESS && domain)
- {
- LPWSTR server = servername;
- mbstowcs (domain_name, domain, strlen (domain) + 1);
- rc = NetGetDCName (server, domain_name, (void *) &servername);
- NetApiBufferFree (server);
- }
- if (rc != ERROR_SUCCESS)
- {
- print_win_error(rc);
- return (PWCHAR) -1;
- }
- wcscpy (server, servername);
- NetApiBufferFree ((PVOID) servername);
- }
- return server;
-}
-
-char *
+static char *
put_sid (PSID psid)
{
static char s[512];
strcat (s, t);
for (i = 0; i < *GetSidSubAuthorityCount (psid); ++i)
{
- sprintf(t, "-%lu", *GetSidSubAuthority (psid, i));
+ sprintf(t, "-%" PRIu32 , (unsigned int) *GetSidSubAuthority (psid, i));
strcat (s, t);
}
return s;
int buffer[10];
} sidbuf;
-sidbuf curr_pgrp;
-BOOL got_curr_pgrp = FALSE;
+static sidbuf curr_pgrp;
+static BOOL got_curr_pgrp = FALSE;
-void
+static void
fetch_current_pgrp_sid ()
{
DWORD len;
}
}
-void
-current_group (const char *sep, DWORD id_offset)
-{
- WCHAR grp[GNLEN + 1];
- WCHAR dom[MAX_DOMAIN_NAME_LEN + 1];
- DWORD glen = GNLEN + 1;
- DWORD dlen = MAX_DOMAIN_NAME_LEN + 1;
- int gid;
- SID_NAME_USE acc_type;
-
- if (!curr_pgrp.psid
- || !LookupAccountSidW (NULL, curr_pgrp.psid, grp, &glen, dom, &dlen,
- &acc_type))
- {
- print_win_error (GetLastError ());
- return;
- }
- gid = *GetSidSubAuthority (curr_pgrp.psid,
- *GetSidSubAuthorityCount(curr_pgrp.psid) - 1);
- printf ("%ls%s%ls:%s:%lu:\n",
- sep ? dom : L"",
- sep ?: "",
- grp,
- put_sid (curr_pgrp.psid),
- id_offset + gid);
-}
-
-void
-enum_unix_groups (domlist_t *dom_or_machine, const char *sep, DWORD id_offset,
+static void
+enum_unix_groups (domlist_t *mach, const char *sep, DWORD id_offset,
char *unix_grp_list)
{
WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
- PWCHAR servername = NULL;
- char *d_or_m = dom_or_machine ? dom_or_machine->str : NULL;
- BOOL with_dom = dom_or_machine ? dom_or_machine->with_dom : FALSE;
SID_IDENTIFIER_AUTHORITY auth = { { 0, 0, 0, 0, 0, 22 } };
char *gstr, *grp_list;
WCHAR grp[GNLEN + sizeof ("Unix Group\\") + 1];
WCHAR dom[MAX_DOMAIN_NAME_LEN + 1];
DWORD glen, dlen, sidlen;
PSID psid;
- char psid_buffer[MAX_SID_LEN];
+ PSID numeric_psid;
+ char psid_buffer[SECURITY_MAX_SID_SIZE];
SID_NAME_USE acc_type;
- if (!d_or_m)
- return;
-
- int ret = mbstowcs (machine, d_or_m, INTERNET_MAX_HOST_NAME_LENGTH + 1);
+ int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
{
fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
- __progname, d_or_m);
+ program_invocation_short_name, mach->str);
return;
}
- servername = machine;
- if (!AllocateAndInitializeSid (&auth, 2, 2, 0, 0, 0, 0, 0, 0, 0, &psid))
+ if (!AllocateAndInitializeSid (&auth, 2, 2, 0, 0, 0, 0, 0, 0, 0,
+ &numeric_psid))
return;
if (!(grp_list = strdup (unix_grp_list)))
{
- FreeSid (psid);
+ FreeSid (numeric_psid);
return;
}
for (gstr = strtok (grp_list, ","); gstr; gstr = strtok (NULL, ","))
{
- if (!isdigit (gstr[0]) && gstr[0] != '-')
+ if (!isdigit ((unsigned char) gstr[0]) && gstr[0] != '-')
{
PWCHAR p = wcpcpy (grp, L"Unix Group\\");
ret = mbstowcs (p, gstr, GNLEN + 1);
if (ret < 1 || ret >= GNLEN + 1)
- fprintf (stderr, "%s: Invalid group name '%s'. Skipping...\n",
- __progname, gstr);
- else if (LookupAccountNameW (servername, grp,
- psid = (PSID) psid_buffer,
- (sidlen = MAX_SID_LEN, &sidlen),
- dom,
- (dlen = MAX_DOMAIN_NAME_LEN + 1, &dlen),
- &acc_type))
- printf ("%s%s%ls:%s:%lu:\n",
- with_dom ? "Unix Group" : "",
- with_dom ? sep : "",
+ {
+ fprintf (stderr, "%s: Invalid group name '%s'. Skipping...\n",
+ program_invocation_short_name, gstr);
+ continue;
+ }
+ psid = (PSID) psid_buffer;
+ sidlen = SECURITY_MAX_SID_SIZE;
+ dlen = MAX_DOMAIN_NAME_LEN + 1;
+ if (LookupAccountNameW (machine, grp, psid, &sidlen,
+ dom, &dlen, &acc_type))
+ printf ("%s%s%ls:%s:%" PRIu32 ":\n",
+ "Unix_Group",
+ sep,
p,
put_sid (psid),
- id_offset +
+ (unsigned int) (id_offset +
*GetSidSubAuthority (psid,
- *GetSidSubAuthorityCount(psid) - 1));
+ *GetSidSubAuthorityCount(psid) - 1)));
}
else
{
start = strtol (p, &p, 10);
if (!*p)
stop = start;
- else if (*p++ != '-' || !isdigit (*p)
+ else if (*p++ != '-' || !isdigit ((unsigned char) *p)
|| (stop = strtol (p, &p, 10)) < start || *p)
{
fprintf (stderr, "%s: Malformed unix group list entry '%s'. "
- "Skipping...\n", __progname, gstr);
+ "Skipping...\n",
+ program_invocation_short_name, gstr);
continue;
}
for (; start <= stop; ++ start)
{
+ psid = numeric_psid;
*GetSidSubAuthority (psid, *GetSidSubAuthorityCount(psid) - 1)
= start;
- if (LookupAccountSidW (servername, psid,
- grp, (glen = GNLEN + 1, &glen),
- dom,
- (dlen = MAX_DOMAIN_NAME_LEN + 1, &dlen),
- &acc_type)
+ glen = GNLEN + 1;
+ dlen = MAX_DOMAIN_NAME_LEN + 1;
+ if (LookupAccountSidW (machine, psid, grp, &glen,
+ dom, &dlen, &acc_type)
&& !iswdigit (grp[0]))
- printf ("%s%s%ls:%s:%lu:\n",
- with_dom ? "Unix Group" : "",
- with_dom ? sep : "",
+ printf ("%s%s%ls:%s:%" PRIu32 ":\n",
+ "Unix_Group",
+ sep,
grp,
put_sid (psid),
- id_offset + start);
+ (unsigned int) (id_offset + start));
}
}
}
free (grp_list);
- FreeSid (psid);
+ FreeSid (numeric_psid);
}
-int
-enum_local_groups (BOOL domain, domlist_t *dom_or_machine, const char *sep,
- DWORD id_offset, char *disp_groupname, int print_builtin)
+static int
+enum_local_groups (domlist_t *mach, const char *sep,
+ DWORD id_offset, char *disp_groupname, int print_builtin,
+ int print_current)
{
WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
- PWCHAR servername = NULL;
- char *d_or_m = dom_or_machine ? dom_or_machine->str : NULL;
- BOOL with_dom = dom_or_machine ? dom_or_machine->with_dom : FALSE;
LOCALGROUP_INFO_0 *buffer;
DWORD entriesread = 0;
DWORD totalentries = 0;
- DWORD resume_handle = 0;
+ DWORD_PTR resume_handle = 0;
WCHAR gname[GNLEN + 1];
DWORD rc;
- if (domain)
- {
- servername = get_dcname (d_or_m);
- if (servername == (PWCHAR) -1)
- return 1;
- }
- else if (d_or_m)
+ int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
+ if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
{
- int ret = mbstowcs (machine, d_or_m, INTERNET_MAX_HOST_NAME_LENGTH + 1);
- if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
- {
- fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
- __progname, d_or_m);
- return 1;
- }
- servername = machine;
+ fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
+ program_invocation_short_name, mach->str);
+ return 1;
}
do
{
DWORD i;
- if (disp_groupname != NULL)
+ if (disp_groupname)
{
mbstowcs (gname, disp_groupname, GNLEN + 1);
- rc = NetApiBufferAllocate (sizeof (LOCALGROUP_INFO_0),
- (void *) &buffer);
- buffer[0].lgrpi0_name = gname;
- entriesread = 1;
+ rc = NetLocalGroupGetInfo (machine, gname, 0, (void *) &buffer);
+ if (rc == ERROR_SUCCESS)
+ entriesread = 1;
+ /* Allow further searching for the group and avoid annoying
+ error messages just because the group is not a local group or
+ the group hasn't been found. */
+ else if (rc == ERROR_NO_SUCH_ALIAS || rc == NERR_GroupNotFound)
+ return 0;
}
- else
- rc = NetLocalGroupEnum (servername, 0, (void *) &buffer,
+ else
+ rc = NetLocalGroupEnum (machine, 0, (void *) &buffer,
MAX_PREFERRED_LENGTH, &entriesread,
&totalentries, &resume_handle);
switch (rc)
{
WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
DWORD domname_len = MAX_DOMAIN_NAME_LEN + 1;
- char psid_buffer[MAX_SID_LEN];
+ char psid_buffer[SECURITY_MAX_SID_SIZE];
PSID psid = (PSID) psid_buffer;
- DWORD sid_length = MAX_SID_LEN;
+ DWORD sid_length = SECURITY_MAX_SID_SIZE;
DWORD gid;
SID_NAME_USE acc_type;
PDBGSID pdsid;
BOOL is_builtin = FALSE;
- if (!LookupAccountNameW (servername, buffer[i].lgrpi0_name, psid,
+ if (!LookupAccountNameW (machine, buffer[i].lgrpi0_name, psid,
&sid_length, domain_name, &domname_len,
&acc_type))
{
- print_win_error (rc);
+ print_win_error (GetLastError ());
fprintf (stderr, " (%ls)\n", buffer[i].lgrpi0_name);
continue;
}
- else if (acc_type == SidTypeDomain)
- {
- WCHAR domname[MAX_DOMAIN_NAME_LEN + GNLEN + 2];
-
- wcscpy (domname, domain_name);
- wcscat (domname, L"\\");
- wcscat (domname, buffer[i].lgrpi0_name);
- sid_length = MAX_SID_LEN;
- domname_len = MAX_DOMAIN_NAME_LEN + 1;
- if (!LookupAccountNameW (servername, domname,
- psid, &sid_length,
- domain_name, &domname_len,
- &acc_type))
- {
- print_win_error (rc);
+ else if (acc_type == SidTypeDomain)
+ {
+ WCHAR domname[MAX_DOMAIN_NAME_LEN + GNLEN + 2];
+ PWCHAR p;
+
+ p = wcpcpy (domname, domain_name);
+ p = wcpcpy (p, L"\\");
+ p = wcpncpy (p, buffer[i].lgrpi0_name, GNLEN);
+ *p = L'\0';
+ sid_length = SECURITY_MAX_SID_SIZE;
+ domname_len = MAX_DOMAIN_NAME_LEN + 1;
+ if (!LookupAccountNameW (machine, domname,
+ psid, &sid_length,
+ domain_name, &domname_len,
+ &acc_type))
+ {
+ print_win_error (GetLastError ());
fprintf(stderr, " (%ls)\n", domname);
- continue;
- }
- }
+ continue;
+ }
+ }
/* Store all local SIDs with prefix "S-1-5-32-" and check if it
has been printed already. This allows to get all builtin
int b;
if (!print_builtin)
- goto skip_group;
+ goto skip_group;
is_builtin = TRUE;
if (builtin_sid_cnt)
for (b = 0; b < builtin_sid_cnt; b++)
CopySid (sizeof (DBGSID), &builtin_sid_list[builtin_sid_cnt++],
psid);
}
- if (EqualSid (curr_pgrp.psid, psid))
+ if (!print_current)
+ /* fall through */;
+ else if (EqualSid (curr_pgrp.psid, psid))
got_curr_pgrp = TRUE;
+
gid = *GetSidSubAuthority (psid, *GetSidSubAuthorityCount(psid) - 1);
- printf ("%ls%s%ls:%s:%ld:\n",
- with_dom && !is_builtin ? domain_name : L"",
- with_dom && !is_builtin ? sep : "",
+ printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
+ mach->with_dom && !is_builtin ? domain_name : L"",
+ mach->with_dom && !is_builtin ? sep : "",
buffer[i].lgrpi0_name,
put_sid (psid),
- gid + (is_builtin ? 0 : id_offset));
+ (unsigned int) (gid + (is_builtin ? 0 : id_offset)));
skip_group:
;
}
}
while (rc == ERROR_MORE_DATA);
- return 0;
+ /* Return 1 if the single group we're looking for has been found here to
+ avoid calling enum_groups for the same group, thus avoiding a spurious
+ error message "group name could not be found" in enum_groups. */
+ return disp_groupname && entriesread ? 1 : 0;
}
-void
-enum_groups (BOOL domain, domlist_t *dom_or_machine, const char *sep,
- DWORD id_offset, char *disp_groupname)
+static void
+enum_groups (domlist_t *mach, const char *sep, DWORD id_offset,
+ char *disp_groupname, int print_current)
{
WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
- PWCHAR servername = NULL;
- char *d_or_m = dom_or_machine ? dom_or_machine->str : NULL;
- BOOL with_dom = dom_or_machine ? dom_or_machine->with_dom : FALSE;
GROUP_INFO_2 *buffer;
DWORD entriesread = 0;
DWORD totalentries = 0;
- DWORD resume_handle = 0;
+ DWORD_PTR resume_handle = 0;
WCHAR gname[GNLEN + 1];
DWORD rc;
- if (domain)
- {
- servername = get_dcname (d_or_m);
- if (servername == (PWCHAR) -1)
- return;
- }
- else if (d_or_m)
+ int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
+ if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
{
- int ret = mbstowcs (machine, d_or_m, INTERNET_MAX_HOST_NAME_LENGTH + 1);
- if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
- {
- fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
- __progname, d_or_m);
- return;
- }
- servername = machine;
+ fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
+ program_invocation_short_name, mach->str);
+ return;
}
do
if (disp_groupname != NULL)
{
mbstowcs (gname, disp_groupname, GNLEN + 1);
- rc = NetGroupGetInfo (servername, (LPWSTR) & gname, 2,
- (void *) &buffer);
+ rc = NetGroupGetInfo (machine, (LPWSTR) & gname, 2, (void *) &buffer);
entriesread=1;
+ /* Avoid annoying error messages just because the group hasn't been
+ found. */
+ if (rc == NERR_GroupNotFound)
+ return;
}
- else
- rc = NetGroupEnum (servername, 2, (void *) & buffer,
- MAX_PREFERRED_LENGTH, &entriesread, &totalentries,
- &resume_handle);
+ else
+ rc = NetGroupEnum (machine, 2, (void *) & buffer, MAX_PREFERRED_LENGTH,
+ &entriesread, &totalentries, &resume_handle);
switch (rc)
{
case ERROR_ACCESS_DENIED:
{
WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
DWORD domname_len = MAX_DOMAIN_NAME_LEN + 1;
- char psid_buffer[MAX_SID_LEN];
+ char psid_buffer[SECURITY_MAX_SID_SIZE];
PSID psid = (PSID) psid_buffer;
- DWORD sid_length = MAX_SID_LEN;
+ DWORD sid_length = SECURITY_MAX_SID_SIZE;
SID_NAME_USE acc_type;
int gid = buffer[i].grpi2_group_id;
- if (!LookupAccountNameW (servername, buffer[i].grpi2_name,
+ if (!LookupAccountNameW (machine, buffer[i].grpi2_name,
psid, &sid_length,
domain_name, &domname_len,
&acc_type))
{
- print_win_error (rc);
+ print_win_error (GetLastError ());
fprintf(stderr, " (%ls)\n", buffer[i].grpi2_name);
continue;
}
else if (acc_type == SidTypeDomain)
{
WCHAR domname[MAX_DOMAIN_NAME_LEN + GNLEN + 2];
+ PWCHAR p;
- wcscpy (domname, domain || !servername
- ? domain_name : servername);
- wcscat (domname, L"\\");
- wcscat (domname, buffer[i].grpi2_name);
- sid_length = MAX_SID_LEN;
+ p = wcpcpy (domname, machine);
+ p = wcpcpy (p, L"\\");
+ p = wcpncpy (p, buffer[i].grpi2_name, GNLEN);
+ *p = L'\0';
+ sid_length = SECURITY_MAX_SID_SIZE;
domname_len = MAX_DOMAIN_NAME_LEN + 1;
- if (!LookupAccountNameW (servername, domname,
- psid, &sid_length,
- domain_name, &domname_len,
- &acc_type))
+ if (!LookupAccountNameW (machine, domname, psid, &sid_length,
+ domain_name, &domname_len, &acc_type))
{
- print_win_error (rc);
+ print_win_error (GetLastError ());
fprintf(stderr, " (%ls)\n", domname);
continue;
}
}
- if (EqualSid (curr_pgrp.psid, psid))
+ if (!print_current)
+ /* fall through */;
+ else if (EqualSid (curr_pgrp.psid, psid))
got_curr_pgrp = TRUE;
- printf ("%ls%s%ls:%s:%lu:\n",
- with_dom ? domain_name : L"",
- with_dom ? sep : "",
+
+ printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
+ mach->with_dom ? domain_name : L"",
+ mach->with_dom ? sep : "",
buffer[i].grpi2_name,
put_sid (psid),
- id_offset + gid);
+ (unsigned int) (id_offset + gid));
}
NetApiBufferFree (buffer);
while (rc == ERROR_MORE_DATA);
}
-void
-print_special (PSID_IDENTIFIER_AUTHORITY auth, BYTE cnt,
- DWORD sub1, DWORD sub2, DWORD sub3, DWORD sub4,
- DWORD sub5, DWORD sub6, DWORD sub7, DWORD sub8)
-{
- WCHAR grp[GNLEN + 1], dom[MAX_DOMAIN_NAME_LEN + 1];
- DWORD glen, dlen, rid;
- PSID psid;
- SID_NAME_USE acc_type;
-
- if (AllocateAndInitializeSid (auth, cnt, sub1, sub2, sub3, sub4,
- sub5, sub6, sub7, sub8, &psid))
- {
- if (LookupAccountSidW (NULL, psid,
- grp, (glen = GNLEN + 1, &glen),
- dom, (dlen = MAX_DOMAIN_NAME_LEN + 1, &dlen),
- &acc_type))
- {
- if (sub8)
- rid = sub8;
- else if (sub7)
- rid = sub7;
- else if (sub6)
- rid = sub6;
- else if (sub5)
- rid = sub5;
- else if (sub4)
- rid = sub4;
- else if (sub3)
- rid = sub3;
- else if (sub2)
- rid = sub2;
- else
- rid = sub1;
- printf ("%ls:%s:%lu:\n", grp, put_sid (psid), rid);
- }
- FreeSid (psid);
- }
-}
-
-int
+static int __attribute__ ((__noreturn__))
usage (FILE * stream)
{
fprintf (stream,
-"Usage: mkgroup [OPTION]...\n"
-"Print /etc/group file to stdout\n"
+"Usage: %s [OPTION]...\n"
+"\n"
+"Write /etc/group-like output to stdout\n"
+"\n"
+"Don't use this command to generate a local /etc/group file, unless you\n"
+"really need one. See the Cygwin User's Guide for more information.\n"
"\n"
"Options:\n"
-" -l,--local [machine[,offset]]\n"
-" print local groups with gid offset offset\n"
-" (from local machine if no machine specified)\n"
-" -L,--Local [machine[,offset]]\n"
-" ditto, but generate groupname with machine prefix\n"
-" -d,--domain [domain[,offset]]\n"
-" print domain groups with gid offset offset\n"
-" (from current domain if no domain specified)\n"
-" -D,--Domain [domain[,offset]]\n"
-" ditto, but generate groupname with machine prefix\n"
-" -c,--current print current group\n"
-" -C,--Current ditto, but generate groupname with machine or\n"
-" domain prefix\n"
-" -S,--separator char for -L, -D, -C use character char as domain\\group\n"
-" separator in groupname instead of the default '\\'\n"
-" -o,--id-offset offset change the default offset (10000) added to gids\n"
-" in domain or foreign server accounts.\n"
-" -g,--group groupname only return information for the specified group\n"
-" one of -l, -L, -d, -D must be specified, too\n"
-" -b,--no-builtin don't print BUILTIN groups\n"
-" -U,--unix grouplist additionally print UNIX groups when using -l or -L\n"
-" on a UNIX Samba server\n"
-" grouplist is a comma-separated list of groupnames\n"
-" or gid ranges (root,-25,50-100).\n"
-" (enumerating large ranges can take a long time!)\n"
-" -s,--no-sids (ignored)\n"
-" -u,--users (ignored)\n"
-" -h,--help print this message\n"
-" -v,--version print version information and exit\n"
+"\n"
+" -l,--local [machine] Print local group accounts of \"machine\",\n"
+" from local machine if no machine specified.\n"
+" Automatically adding machine prefix for local\n"
+" machine depends on settings in /etc/nsswitch.conf.\n"
+" -L,--Local machine Ditto, but generate groupname with machine prefix.\n"
+" -d,--domain [domain] Print domain groups,\n"
+" from current domain if no domain specified.\n"
+" -c,--current Print current group.\n"
+" -S,--separator char For -L use character char as domain\\group\n"
+" separator in groupname instead of default '%s'.\n"
+" -o,--id-offset offset Change the default offset (0x10000) added to gids\n"
+" of foreign local machine accounts. Use with -l/-L.\n"
+" -g,--group groupname Only return information for the specified group.\n"
+" One of -l, -d must be specified, too.\n"
+" -b,--no-builtin Don't print BUILTIN groups.\n"
+" -U,--unix grouplist Print UNIX groups when using -l on a UNIX Samba\n"
+" server. Grouplist is a comma-separated list of\n"
+" groupnames or gid ranges (root,-25,50-100).\n"
+" Enumerating large ranges can take a long time!\n"
+" -h,--help Print this message.\n"
+" -v,--version Print version information and exit.\n"
"\n"
"Default is to print local groups on stand-alone machines, plus domain\n"
-"groups on domain controllers and domain member machines.\n");
- return 1;
+"groups on domain controllers and domain member machines.\n"
+"\n", program_invocation_short_name,
+ (const char *) cygwin_internal (CW_GETNSSSEP));
+ exit (0);
}
struct option longopts[] = {
{"separator", required_argument, NULL, 'S'},
{"users", no_argument, NULL, 'u'},
{"unix", required_argument, NULL, 'U'},
- {"version", no_argument, NULL, 'v'},
+ {"version", no_argument, NULL, 'V'},
{0, no_argument, NULL, 0}
};
-char opts[] = "bcCd::D::g:hl::L::o:sS:uU:v";
+static char opts[] = "bcCd::D::g:hl::L::o:sS:uU:V";
-void
+static void
print_version ()
{
- const char *v = strchr (version, ':');
- int len;
- if (!v)
- {
- v = "?";
- len = 1;
- }
- else
- {
- v += 2;
- len = strchr (v, ' ') - v;
- }
- printf ("\
-mkgroup (cygwin) %.*s\n\
-group File Generator\n\
-Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 Red Hat, Inc.\n\
-Compiled on %s\n\
-", len, v, __DATE__);
-}
-
-static PPOLICY_PRIMARY_DOMAIN_INFO p_dom;
-
-static BOOL
-fetch_primary_domain ()
-{
- NTSTATUS status;
- LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 };
- LSA_HANDLE lsa;
-
- if (!p_dom)
- {
- status = LsaOpenPolicy (NULL, &oa, POLICY_EXECUTE, &lsa);
- if (!NT_SUCCESS (status))
- return FALSE;
- status = LsaQueryInformationPolicy (lsa, PolicyPrimaryDomainInformation,
- (PVOID *) &p_dom);
- LsaClose (lsa);
- if (!NT_SUCCESS (status))
- return FALSE;
- }
- return !!p_dom->Sid;
+ printf ("mkgroup (cygwin) %d.%d.%d\n"
+ "Group File Generator\n"
+ "Copyright (C) 1997 - %s Cygwin Authors\n"
+ "This is free software; see the source for copying conditions. There is NO\n"
+ "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n",
+ CYGWIN_VERSION_DLL_MAJOR / 1000,
+ CYGWIN_VERSION_DLL_MAJOR % 1000,
+ CYGWIN_VERSION_DLL_MINOR,
+ strrchr (__DATE__, ' ') + 1);
}
int
{
int print_domlist = 0;
domlist_t domlist[32];
- char *opt, *p, *ep;
+ char cname[1024];
+ char *opt, *p;
int print_current = 0;
- int print_system = 0;
int print_builtin = 1;
char *print_unix = NULL;
- const char *sep_char = "\\";
- DWORD id_offset = 10000, off;
+ const char *sep_char = (const char *) cygwin_internal (CW_GETNSSSEP);
+ DWORD id_offset = 0x10000, off;
int c, i;
char *disp_groupname = NULL;
- BOOL in_domain;
+ int optional_args = 0;
+ uintptr_t nss_src = cygwin_internal (CW_GETNSS_GRP_SRC);
if (!isatty (1))
setmode (1, O_BINARY);
- load_dsgetdcname ();
- in_domain = fetch_primary_domain ();
+ /* Use locale from environment. If not set or set to "C", use UTF-8. */
+ setlocale (LC_CTYPE, "");
+ if (!strcmp (setlocale (LC_CTYPE, NULL), "C"))
+ setlocale (LC_CTYPE, "en_US.UTF-8");
+ fetch_current_pgrp_sid ();
+
if (argc == 1)
{
- print_special (&sid_nt_auth, 1, SECURITY_LOCAL_SYSTEM_RID,
- 0, 0, 0, 0, 0, 0, 0);
- if (in_domain)
+ int enums = ENUM_PRIMARY | ENUM_LOCAL | ENUM_BUILTIN;
+ uintptr_t ticket = cygwin_internal (CW_SETENT, TRUE, enums, NULL);
+ if (ticket)
{
- if (!enum_local_groups (TRUE, NULL, sep_char, id_offset,
- disp_groupname, print_builtin))
- enum_groups (TRUE, NULL, sep_char, id_offset, disp_groupname);
+ struct group *grp;
+
+ while ((grp = (struct group *) cygwin_internal (CW_GETENT, TRUE,
+ ticket)))
+ printf ("%s:%s:%u:\n", grp->gr_name, grp->gr_passwd, grp->gr_gid);
+ cygwin_internal (CW_ENDENT, TRUE, ticket);
}
- else if (!enum_local_groups (FALSE, NULL, sep_char, 0, disp_groupname,
- print_builtin))
- enum_groups (FALSE, NULL, sep_char, 0, disp_groupname);
return 0;
}
+ unsetenv ("POSIXLY_CORRECT"); /* To get optional arg processing right. */
while ((c = getopt_long (argc, argv, opts, longopts, NULL)) != EOF)
switch (c)
{
if (print_domlist >= 32)
{
fprintf (stderr, "%s: Can not enumerate from more than 32 "
- "domains and machines.\n", __progname);
+ "domains and machines.\n",
+ program_invocation_short_name);
return 1;
}
domlist[print_domlist].domain = (c == 'd' || c == 'D');
opt = optarg ?:
argv[optind] && argv[optind][0] != '-' ? argv[optind] : NULL;
+ if (argv[optind] && opt == argv[optind])
+ ++optional_args;
for (i = 0; i < print_domlist; ++i)
if (domlist[i].domain == domlist[print_domlist].domain
&& ((!domlist[i].str && !opt)
&& (!opt[off] || opt[off] == ','))))
{
fprintf (stderr, "%s: Duplicate %s '%s'. Skipping...\n",
- __progname, domlist[i].domain ? "domain" : "machine",
+ program_invocation_short_name,
+ domlist[i].domain ? "domain" : "machine",
domlist[i].str);
- goto skip;
+ break;
}
- if (!(domlist[print_domlist].str = opt))
- print_system = 1;
- domlist[print_domlist].id_offset = ULONG_MAX;
+ domlist[print_domlist].str = opt;
if (opt && (p = strchr (opt, ',')))
{
- if (p == opt
- || !isdigit (p[1])
- || (domlist[print_domlist].id_offset = strtol (p + 1, &ep, 10)
- , *ep))
+ if (p == opt)
{
- fprintf (stderr, "%s: Malformed machine,offset string '%s'. "
- "Skipping...\n", __progname, opt);
- break;
+ fprintf (stderr, "%s: Malformed machine string '%s'. "
+ "Skipping...\n", program_invocation_short_name, opt);
+ break;
}
*p = '\0';
}
- domlist[print_domlist++].with_dom = (c == 'D' || c == 'L');
-skip:
+ if (c == 'l' || c == 'L')
+ {
+ DWORD csize = sizeof cname;
+
+ domlist[print_domlist].with_dom = (c == 'L');
+ if (!opt)
+ {
+ /* If the system uses /etc/group exclusively as account DB,
+ create local group names the old fashioned way. */
+ if (nss_src == NSS_SRC_FILES)
+ {
+ GetComputerNameExA (ComputerNameNetBIOS, cname, &csize);
+ domlist[print_domlist].str = cname;
+ }
+ }
+ else if (nss_src != NSS_SRC_FILES)
+ {
+ /* If the system uses Windows account DBs, check if machine
+ name is local machine. If so, remove the domain name to
+ enforce system naming convention. */
+ if (GetComputerNameExA (strchr (opt, '.')
+ ? ComputerNameDnsFullyQualified
+ : ComputerNameNetBIOS,
+ cname, &csize)
+ && strcasecmp (opt, cname) == 0)
+ domlist[print_domlist].str = NULL;
+ }
+ }
+ ++print_domlist;
break;
case 'S':
sep_char = optarg;
if (strlen (sep_char) > 1)
{
- fprintf (stderr, "%s: Only one character allowed as domain\\user "
- "separator character.\n", __progname);
+ fprintf (stderr, "%s: Only one ASCII character allowed as "
+ "domain\\user separator character.\n",
+ program_invocation_short_name);
return 1;
}
if (*sep_char == ':')
{
fprintf (stderr, "%s: Colon not allowed as domain\\user separator "
- "character.\n", __progname);
+ "character.\n", program_invocation_short_name);
return 1;
}
- break;
+ break;
case 'U':
- print_unix = optarg;
+ print_unix = optarg;
break;
case 'c':
- sep_char = NULL;
- /*FALLTHRU*/
case 'C':
print_current = 1;
break;
id_offset = strtol (optarg, NULL, 10);
break;
case 'b':
- print_builtin = 0;
+ print_builtin = 0;
break;
case 's':
break;
break;
case 'h':
usage (stdout);
- return 0;
- case 'v':
+ case 'V':
print_version ();
return 0;
default:
- fprintf (stderr, "Try '%s --help' for more information.\n", argv[0]);
+ fprintf (stderr, "Try `%s --help' for more information.\n", argv[0]);
return 1;
}
- /* Get 'system' group */
- if (!disp_groupname && print_system && print_builtin)
- print_special (&sid_nt_auth, 1, SECURITY_LOCAL_SYSTEM_RID,
- 0, 0, 0, 0, 0, 0, 0);
+ optind += optional_args;
+ if (argv[optind])
+ {
+ fprintf (stderr,
+ "mkgroup: non-option command line argument `%s' is not allowed.\n"
+ "Try `mkgroup --help' for more information.\n", argv[optind]);
+ exit (1);
+ }
- fetch_current_pgrp_sid ();
+ struct group *pgrp = NULL;
+ if (print_current)
+ pgrp = (struct group *) cygwin_internal (CW_GETGRSID, TRUE, curr_pgrp.psid);
- off = id_offset;
+ int enums = ENUM_NONE;
+ WCHAR tdoms[print_domlist * 258];
+ PWCHAR t = tdoms;
+ if (!disp_groupname && print_builtin && print_domlist)
+ enums |= ENUM_BUILTIN;
for (i = 0; i < print_domlist; ++i)
{
- DWORD my_off = (domlist[i].domain || domlist[i].str)
- ? domlist[i].id_offset != ULONG_MAX
- ? domlist[i].id_offset : off : 0;
- if (!enum_local_groups (domlist[i].domain, domlist + i, sep_char,
- my_off, disp_groupname, print_builtin))
+ if (domlist[i].domain)
{
- if (!domlist[i].domain && domlist[i].str && print_unix)
- enum_unix_groups (domlist + i, sep_char, my_off, print_unix);
- enum_groups (domlist[i].domain, domlist + i, sep_char, my_off,
- disp_groupname);
- if (my_off)
- off += id_offset;
+ if (domlist[i].str)
+ {
+ enums |= ENUM_TDOMS;
+ t += mbstowcs (t, domlist[i].str, 257);
+ *t++ = L'\0';
+ }
+ else
+ enums |= ENUM_PRIMARY;
+ }
+ else if (!domlist[i].str)
+ enums |= ENUM_LOCAL;
+ }
+ if (t > tdoms)
+ *t++ = L'\0';
+ if (enums)
+ {
+ uintptr_t ticket = cygwin_internal (CW_SETENT, TRUE, enums,
+ t > tdoms ? tdoms : NULL);
+ if (ticket)
+ {
+ struct group *grp;
+ const char *nss_sep = (const char *) cygwin_internal (CW_GETNSSSEP);
+
+ while ((grp = (struct group *)
+ cygwin_internal (CW_GETENT, TRUE, ticket)))
+ {
+ if (disp_groupname
+ && strcasecmp (disp_groupname, grp->gr_name) != 0
+ && (!(p = strchr (grp->gr_name, nss_sep[0]))
+ || strcasecmp (disp_groupname, p + 1) != 0))
+ continue;
+ printf ("%s:%s:%u:\n", grp->gr_name, grp->gr_passwd,
+ grp->gr_gid);
+ if (pgrp && !strcmp (grp->gr_passwd, pgrp->gr_passwd))
+ got_curr_pgrp = TRUE;
+ }
+ cygwin_internal (CW_ENDENT, TRUE, ticket);
}
}
if (print_current && !got_curr_pgrp)
- current_group (sep_char, off);
+ printf ("%s:%s:%u:\n", pgrp->gr_name, pgrp->gr_passwd, pgrp->gr_gid);
+
+ off = 0xfd000000;
+ for (i = 0; i < print_domlist; ++i)
+ {
+ if (domlist[i].domain || !domlist[i].str)
+ continue;
+ if (!enum_local_groups (domlist + i, sep_char,
+ (nss_src == NSS_SRC_FILES) ? 0x30000 : off,
+ disp_groupname, print_builtin, print_current))
+ {
+ enum_groups (domlist + i, sep_char,
+ (nss_src == NSS_SRC_FILES) ? 0x30000 : off,
+ disp_groupname, print_current);
+ if (!domlist[i].domain && domlist[i].str && print_unix)
+ enum_unix_groups (domlist + i, sep_char, 0xff000000, print_unix);
+ off += id_offset;
+ }
+ }
return 0;
}